Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,969
Erlang
39
GitHub Actions
38
Go
2,625
Maven
5,000+
npm
4,257
NuGet
760
pip
4,050
Pub
12
RubyGems
953
Rust
1,052
Swift
45
Unreviewed advisories
All unreviewed
5,000+

6,766 advisories

Loading
ownCloud Guests before 0.12.5 allows unauthenticated user enumeration via the /apps/guests... Moderate Unreviewed
CVE-2025-59716 was published Nov 5, 2025
A vulnerability in the API subsystem of Cisco Unified Intelligence Center could allow an... Moderate Unreviewed
CVE-2025-20377 was published Nov 5, 2025
The FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce plugin... Moderate Unreviewed
CVE-2025-12468 was published Nov 5, 2025
The KiotViet Sync plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2025-12677 was published Nov 5, 2025
codeshare v1.0.0 was discovered to contain an information leakage vulnerability. Moderate Unreviewed
CVE-2025-60925 was published Nov 4, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43479 was published Nov 4, 2025
The issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1. An... Moderate Unreviewed
CVE-2025-43495 was published Nov 4, 2025
A privacy issue was addressed with improved checks. This issue is fixed in watchOS 26.1, iOS 26.1... Moderate Unreviewed
CVE-2025-43455 was published Nov 4, 2025
A logic issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1... Moderate Unreviewed
CVE-2025-43460 was published Nov 4, 2025
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma... Moderate Unreviewed
CVE-2025-43411 was published Nov 4, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43378 was published Nov 4, 2025
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in... Moderate Unreviewed
CVE-2025-43391 was published Nov 4, 2025
A correctness issue was addressed with improved checks. This issue is fixed in tvOS 26, watchOS... Moderate Unreviewed
CVE-2025-43345 was published Nov 4, 2025
lakeFS affected by unauthenticated access to API usage metrics Moderate
CVE-2025-64179 was published for github.com/treeverse/lakefs (Go) Nov 3, 2025
arielshaqed nopcoder
Credited to arielshaqed and nopcoder
An issue in Raspberry Pi Imager version 1.9.6 for Windows, affecting its OS customization feature... Moderate Unreviewed
CVE-2025-60892 was published Nov 3, 2025
A vulnerability was detected in PHPGurukul News Portal 1.0. The impacted element is an unknown... Moderate Unreviewed
CVE-2025-12616 was published Nov 3, 2025
The WP Discourse plugin for WordPress is vulnerable to Information Exposure in all versions up to... Moderate Unreviewed
CVE-2025-11983 was published Nov 1, 2025
The List category posts plugin for WordPress is vulnerable to Information Exposure in all... Moderate Unreviewed
CVE-2025-11377 was published Nov 1, 2025
The Analytify Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2025-12521 was published Oct 31, 2025
In Nagios Log Server versions prior to 2024R2.0.3, when a user's configured default dashboard is... Moderate Unreviewed
CVE-2025-34272 was published Oct 31, 2025
The following HP Card Readers B Models (X3D03B & Y7C05B) are potentially vulnerable to... Moderate Unreviewed
CVE-2025-11998 was published Oct 30, 2025
On affected platforms, restricted users could view sensitive portions of the config database via... Moderate Unreviewed
CVE-2025-54548 was published Oct 30, 2025
In Search Guard FLX versions 3.1.1 and earlier, Field-Level Security (FLS) rules are improperly... Moderate Unreviewed
CVE-2025-12147 was published Oct 29, 2025
In Search Guard versions 3.1.1 and earlier, Field Masking (FM) rules are improperly enforced on... Moderate Unreviewed
CVE-2025-12148 was published Oct 29, 2025
NextAuthjs Email misdelivery Vulnerability Moderate
GHSA-5jpx-9hw9-2fx4 was published for next-auth (npm) Oct 29, 2025
rootxjs
Credited to rootxjs
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database